Live
Windows NEGOEX Integer Overflow Lets Attackers Escalate to SYSTEM—Patch Now·MSFT +0.1%Rockwell Patches Critical SSRF Flaw in ThinManager That Exposes NTLM Hashes to Attackers·NVDA +3.0%SMB Signing Defaults, AES-256 Encryption Arrive as Microsoft Retires CIFS·GOOGL +1.2%Kerberos CVE-2025-26647 Hardening Causes Authentication Chaos: The Full Story of Audit-to-Enforce and NTAuth Requirements·AMZN +2.9%Windows 11 24H2 NTLMv1 SSO Block Enforces in 2026—Audit Now·MSFT +0.1%Microsoft Drops Kerberos Compatibility Workarounds September 10: What You Must Do·NVDA +3.0%Last Call for Certificate Compatibility: Microsoft Mandates Strong Mappings on Windows DCs Sept 10·GOOGL +1.2%CERT-In Warns: Patch Windows and Cloud Now as Microsoft Fixes 111 Vulnerabilities, Including Kerberos Zero-Day·AMZN +2.9%Windows NEGOEX Integer Overflow Lets Attackers Escalate to SYSTEM—Patch Now·MSFT +0.1%Rockwell Patches Critical SSRF Flaw in ThinManager That Exposes NTLM Hashes to Attackers·NVDA +3.0%SMB Signing Defaults, AES-256 Encryption Arrive as Microsoft Retires CIFS·GOOGL +1.2%Kerberos CVE-2025-26647 Hardening Causes Authentication Chaos: The Full Story of Audit-to-Enforce and NTAuth Requirements·AMZN +2.9%Windows 11 24H2 NTLMv1 SSO Block Enforces in 2026—Audit Now·MSFT +0.1%Microsoft Drops Kerberos Compatibility Workarounds September 10: What You Must Do·NVDA +3.0%Last Call for Certificate Compatibility: Microsoft Mandates Strong Mappings on Windows DCs Sept 10·GOOGL +1.2%CERT-In Warns: Patch Windows and Cloud Now as Microsoft Fixes 111 Vulnerabilities, Including Kerberos Zero-Day·AMZN +2.9%

Kerberos

The latest Kerberos coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 12:39 AM
Latest Most Read Breaking
Sort
Authentication · Cve-2025-54895

Windows NEGOEX Integer Overflow Lets Attackers Escalate to SYSTEM—Patch Now

Microsoft has released a security update to plug a critical elevation-of-privilege hole in the Windows NEGOEX authentication mechanism. Tracked as CVE-2025-54895, the flaw stems from an integer...

Advertisement
Auditing · Blockntlmv1sso

Windows 11 24H2 NTLMv1 SSO Block Enforces in 2026—Audit Now

Microsoft will flip a default switch in October 2026 that blocks single sign-on requests relying on NTLMv1-derived cryptography in Windows 11 24H2 and Windows Server 2025. The change is gated by a...

SE Security Desk·46w ago
Active Directory · Altsecurityidentities

Microsoft Drops Kerberos Compatibility Workarounds September 10: What You Must Do

On September 10, 2025, Microsoft will flip a permanent switch in Windows domain controllers: the temporary registry settings that have allowed weak certificate-to-user mappings will stop working, and...

SE Security Desk·46w ago
1.3.6.1.4.1.311.25.2 · 802.1x

Last Call for Certificate Compatibility: Microsoft Mandates Strong Mappings on Windows DCs Sept 10

Microsoft will permanently disable the compatibility mode for certificate-to-account mappings on Windows domain controllers on September 10, 2025, forcing organizations still relying on weak...

SE Security Desk·46w ago
Azure Databricks · Cert-in

CERT-In Warns: Patch Windows and Cloud Now as Microsoft Fixes 111 Vulnerabilities, Including Kerberos Zero-Day

India's Computer Emergency Response Team (CERT-In) has issued a high-severity advisory urging organizations and home users to apply Microsoft's latest security updates immediately. The warning...

SE Security Desk·46w ago
Beyondtrust · Document Processing

Windows Server Security: BeyondTrust's 10-Year Report Uncovers Recurring RCE and EoP Threats

A decade of Microsoft security bulletins reveals a stubborn truth: the same handful of vulnerability classes keep hammering Windows Server environments, and defenders who ignore these patterns do so...

SE Security Desk·46w ago
Active Directory · Badsuccessor

Patch Domain Controllers Now: Microsoft's August Updates Fix Kerberos Zero-Day, Hybrid Exchange Flaws, and 107 Bugs

Microsoft's August 2025 Patch Tuesday landed with an unusual bang, delivering fixes for 107 vulnerabilities, including a publicly disclosed Kerberos zero-day that can hand attackers the keys to an...

SE Security Desk·47w ago
Cve-2025-50165 · Cve-2025-53766

Microsoft’s August Patches Slam Shut 107+ Holes, Including Public Kerberos Flaw and Critical GDI+ RCE

On August 12, 2025, Microsoft’s monthly Patch Tuesday arrived with a payload heavy enough to keep IT admins working through the night. The security slate covers at least 107 distinct...

SE Security Desk·48w ago
Cisa-ed-25-02 · Cloud-mitigations

CISA Emergency Directive Targets Exchange Hybrid Flaw in August Patch Tuesday Deluge

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive late Tuesday, ordering federal agencies to secure on-premises Exchange servers within hours after a newly...

SE Security Desk·48w ago